|
211701
|
7.4 |
HIGH
Network
|
libtiff
|
libtiff
|
Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process …
|
CWE-20
CWE-190
Improper Input Validation
Integer Overflow or Wraparound
|
CVE-2015-8870
|
2024-11-21 11:39 |
2016-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211702
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local u…
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-8970
|
2024-11-21 11:39 |
2016-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211703
|
7.5 |
HIGH
Network
|
soap\
|
\
|
In Soap Lite (aka the SOAP::Lite extension for Perl) 1.14 and earlier, an example attack consists of defining 10 or more XML entities, each defined as consisting of 10 of the previous entity, with th…
|
CWE-399
Resource Management Errors
|
CVE-2015-8978
|
2024-11-21 11:39 |
2016-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211704
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.
|
CWE-200
Information Exposure
|
CVE-2015-8964
|
2024-11-21 11:39 |
2016-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211705
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an sweven…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2015-8963
|
2024-11-21 11:39 |
2016-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211706
|
7.3 |
HIGH
Local
|
linux
|
linux_kernel
|
Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and…
|
CWE-415
Double Free
|
CVE-2015-8962
|
2024-11-21 11:39 |
2016-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211707
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper acc…
|
CWE-416
Use After Free
|
CVE-2015-8961
|
2024-11-21 11:39 |
2016-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211708
|
9.8 |
CRITICAL
Network
|
squareup
|
git-fastclone
|
git-fastclone before 1.0.5 passes user modifiable strings directly to a shell command. An attacker can execute malicious commands by modifying the strings that are passed as arguments to "cd " and "g…
|
CWE-77
Command Injection
|
CVE-2015-8969
|
2024-11-21 11:39 |
2016-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211709
|
8.8 |
HIGH
Network
|
squareup
|
git-fastclone
|
git-fastclone before 1.0.1 permits arbitrary shell command execution from .gitmodules. If an attacker can instruct a user to run a recursive clone from a repository they control, they can get a clien…
|
CWE-77
Command Injection
|
CVE-2015-8968
|
2024-11-21 11:39 |
2016-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211710
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service (dentry reference leak) via filesystem operations on…
|
CWE-399
Resource Management Errors
|
CVE-2015-8953
|
2024-11-21 11:39 |
2016-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
